What is an SSL Certificate?
SSL certificate is nothing but a Digital certificate that is used to authenticate a website’s identity. The SSL stands for Secure Sockets Layer. It enables encrypted connections or encrypted links between a web browser and web server.
In short, we can say, SSL certificate keeps the internet connection secure and prevents unauthorized persons or systems from reading or modification in your data or information transferring between the web browser and web server or two systems.
This post will show you how to request a public SSL certificate for a non-route53 domain, which means third-party domain names, e.g., Namecheap, Hostinger, GoDaddy, etc.
Step 1
Here, I will use the Namecheap domain for demo purposes. You can apply the same procedure to every domain name provider.
Before proceed read the below note carefully.
Must use Default nameservers or provider’s nameservers to request SSL certificate in domain name, because when you use custom nameservers at that time you will loss control over email forwarding facility and I will use email forwarding to verify certificate and once your SSL certificate is verified then you can change nameservers according to your requirements.
First, go to your domain name provider console. For example, I am going to the NameCheap console and going to a particular domain's manager section.
Second, make sure to check about nameservers, as I explained above.
In the manage section of Domain name, go to the Redirect Email or Email forwarding section.
Here, click on ADD CATCH-ALL, and set up email redirecting with your domain registrar to redirect “admin@your-domain” to an email inbox that you can receive an email at. But if you do not have any domain email, I found an easy way. You can also use your personal email, just like below.
Here, the meaning of the above thing, I will redirect all emails from your domain to your personal email inbox via domain name provider email service.
It will take 1 to 2 hours to do this action.
Step 2
Now, go to Amazon Certificate Manager (ACM) console, and click on the Request Certificate button. You will see the below screen.
Now, select Request a Public certificate, and click on the below button Request a certificate.
In the Add domain names, enter your domain as per your requirements, I mean without a subdomain like xyz.com or with any subdomain like www.xyz.com.
And now click on Next.
In the Select validation method, you can choose DNS validation or Email validation, and I will use Email Validation.
For more details about DNS validation, visit the below link.
https://docs.aws.amazon.com/acm/latest/userguide/dns-validation.html
There is one piece of information about Email Validation that you may know that ACM certificates are valid for 13 months (395 days). To be renewed, email-validated certificates require action by the domain owner. ACM begins sending renewal notices 45 days before expiration, using the domain’s WHOIS mailbox addresses and five common administrator addresses. The notifications contain a link that the domain owner can click for easy renewal. Once all listed domains are validated, ACM issues a renewed certificate with the same ARN. from AWS documentation.
More details about Email Validation
https://docs.aws.amazon.com/acm/latest/userguide/email-validation.html
Now select Email Validation, and Click on next.
If you want to add tags, then add tags and click on the Review button.
On the Review tab, please verify your domain and certificate details. Once you verify, click on Confirm and request, and after this, click on the Continue button.
Now, you will redirect to the home page of ACM. Over there, you can see the status as Pending Validation.
Step 3
Now check your email inbox. There will be an email for SSL certification validation from AWS. In that email, you can find all details about your domain and SSL certificate. Now click on the Approval link.
Click on the I Approve button, go to the home page of ACM, and refresh the page. Over there, you can see how the status is Issued.
If you do not approve the email, go to your domain name provider console and try to change other emails.
In Namecheap, I have found one trick if you won’t get an approval email: first note your current entered email, change that email with another email, and wait for 5 minutes after 5 min. Then, change that email again with the previous one, go to the ACM console, and request to resend the email.
For any queries or suggestions, contact me on LinkedIn or My Portfolio, and do not forget to follow me on LinkedIn and medium.
LinkedIn: https://www.linkedin.com/in/parth-trambadiya/
Medium: https://trambadiyaparth.medium.com
Portfolio: https://parthtrambadiya.me
DEV.io: https://dev.to/parthtrambadiya
Top comments (0)